URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Submission: On April 01 via manual from US — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 59 HTTP transactions. The main IP is 13.32.121.112, located in United States and belongs to AMAZON-02, US. The main domain is www.firerescue1.com. The Cisco Umbrella rank of the primary domain is 562691.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 29th 2023. Valid for: a year.
This is the only time www.firerescue1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 13.32.121.112 16509 (AMAZON-02)
16 18.66.122.32 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
4 2a02:26f0:300... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.18.160.126 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:266... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 18.172.103.101 16509 (AMAZON-02)
1 167.235.124.23 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 104.17.194.118 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.196 15169 (GOOGLE)
2 172.217.16.195 15169 (GOOGLE)
1 142.250.185.138 15169 (GOOGLE)
3 142.250.186.131 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
1 167.235.124.60 24940 (HETZNER-AS)
1 142.250.185.232 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
59 26
Apex Domain
Subdomains
Transfer
16 brightspotcdn.com
lexipol.brightspotcdn.com — Cisco Umbrella Rank: 97862
320 KB
7 gstatic.com
fonts.gstatic.com
268 KB
6 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5220
scdn.cxense.com — Cisco Umbrella Rank: 16357
api.cxense.com — Cisco Umbrella Rank: 8388
id.cxense.com — Cisco Umbrella Rank: 11241
81 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2655
123 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 2042
21 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
139 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8653
cdn.tinypass.com — Cisco Umbrella Rank: 5740
buy.tinypass.com — Cisco Umbrella Rank: 6601
118 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
295 KB
3 firerescue1.com
www.firerescue1.com — Cisco Umbrella Rank: 562691
36 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7099
126 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1509
insight.adsrvr.org — Cisco Umbrella Rank: 629
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
7 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5297
3 KB
1 lexipol.com
media.cdn.lexipol.com — Cisco Umbrella Rank: 199092
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 744
30 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 295
29 KB
59 16
Domain Requested by
16 lexipol.brightspotcdn.com www.firerescue1.com
7 fonts.gstatic.com fonts.googleapis.com
www.firerescue1.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 www.googletagmanager.com www.firerescue1.com
www.googletagmanager.com
3 cdn.cxense.com www.firerescue1.com
cdn.cxense.com
scdn.cxense.com
3 www.firerescue1.com
2 www.google.de www.firerescue1.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com www.firerescue1.com
1 buy.tinypass.com cdn.tinypass.com
1 region1.analytics.google.com www.googletagmanager.com
1 insight.adsrvr.org js.adsrvr.org
1 id.cxense.com scdn.cxense.com
1 www.google.com www.firerescue1.com
1 c2.piano.io cdn.tinypass.com
1 region1.google-analytics.com www.googletagmanager.com
1 api.cxense.com scdn.cxense.com
1 js.adsrvr.org www.googletagmanager.com
1 media.cdn.lexipol.com www.googletagmanager.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 cdn.tinypass.com experience.tinypass.com
1 scdn.cxense.com www.firerescue1.com
1 experience.tinypass.com www.firerescue1.com
1 code.jquery.com www.firerescue1.com
1 www.googletagservices.com www.firerescue1.com
59 26
Subject Issuer Validity Valid
lexipol.production.k1.m1.brightspot.cloud
Amazon RSA 2048 M01
2023-06-29 -
2024-07-27
a year crt.sh
lexipol.brightspotcdn.com
Amazon RSA 2048 M03
2023-10-31 -
2024-11-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-14 -
2025-02-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-13 -
2024-08-12
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.cdn.lexipol.com
Amazon RSA 2048 M02
2024-01-22 -
2025-02-18
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3
2024-02-25 -
2024-12-31
10 months crt.sh
*.google.de
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Frame ID: B27FBE685CC2F73AB1CB17F5E4836B46
Requests: 57 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 830E0D45DE7E3F9CDD4EF33D5A93A34A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&upid=wuk3whe&upv=1.1.0&gdpr=1&gdpr_consent=undefined
Frame ID: DC15B10C3E827090D71BF075FEAE9049
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Page Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

46 %
IPv6

16
Domains

26
Subdomains

26
IPs

4
Countries

1478 kB
Transfer

3944 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
151 KB
33 KB
Document
General
Full URL
https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
istio-envoy / Brightspot
Resource Hash
ccdc9b30227923eafe0ee1380168ec52ea9dbdd46e2e2c66f6a6da286005ba0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
33760
content-type
text/html;charset=UTF-8
date
Mon, 01 Apr 2024 18:05:37 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-id
0SImAiFcnbrD_hnD2B7gY1wkkwbBUt5f92sRZ_HIyEyY9AJ1Auzpqw==
x-amz-cf-pop
FRA60-P1
x-cache
Error from cloudfront
x-envoy-decorator-operation
brightspot-cms-verify.lexipol.svc.cluster.local:80/*
x-envoy-upstream-service-time
157
x-powered-by
Brightspot
All.min.53d143bad28c345a2575855a3db499ce.gz.css
lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/styles/default/
247 KB
34 KB
Stylesheet
General
Full URL
https://lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/styles/default/All.min.53d143bad28c345a2575855a3db499ce.gz.css
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f1e1dbd1e1ab391db0e9c7b121804eb8ab5c0d5529adf08b7cb581d9b6721fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 08 Mar 2024 00:25:49 GMT
content-encoding
gzip
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 14:30:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2137190
etag
"2ffb33d52c55a0a0973c87e14792deb3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
34896
x-amz-cf-id
Ogl0fTluBCFo2ufZkM8fhG5fDj97_YblTvT66TdVQFVzTTIRFHr7Hw==
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/webcomponents-loader/
2 KB
1 KB
Script
General
Full URL
https://lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jan 2024 23:15:50 GMT
content-encoding
gzip
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2023 17:37:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
7238989
etag
"15a442be7d06ec40170c3c91ac824065"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
999
x-amz-cf-id
7vdgz2R9wx8ChTgHTAYk5-FAPbpbGcU_5S5bwo8NokUt16XscYvEZw==
All.min.51f5074999d84e1cb1fd16fb1b9485d4.gz.js
lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/styles/default/
103 KB
21 KB
Script
General
Full URL
https://lexipol.brightspotcdn.com/resource/00000189-e582-d339-afc9-fda626e50000/styles/default/All.min.51f5074999d84e1cb1fd16fb1b9485d4.gz.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd52f4c596c72db33b3a00fcfb963cfb7d262d229f441a14fdc518d45262e11b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 12 Mar 2024 13:47:00 GMT
content-encoding
gzip
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2024 13:46:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1743519
etag
"43f5eb15e5744c46b64cb2aae034c7a7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21595
x-amz-cf-id
4H28HyVm-AITWDu6mHCvQyRnCN8ibA3KYAhq6plH39W7rTy-lSYKgg==
gpt.js
www.googletagservices.com/tag/js/
90 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7619fbf327f5ce22d1842f8babcf6c0030bd8348918adddae5e9e3d22ff2411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29385
x-xss-protection
0
server
cafe
etag
110 / 19814 / 31082378 / config-hash: 4668030745340686111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Apr 2024 18:05:38 GMT
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
16796063
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-fra-eddf8230068-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711994738.127948,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 61084
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:300:18d::268b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 18:05:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Mon, 01 Apr 2024 19:05:38 GMT
/
lexipol.brightspotcdn.com/dims4/default/a847ce4/2147483647/strip/true/crop/687x178+0+0/resize/120x31!/format/webp/quality/90/
1 KB
2 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/a847ce4/2147483647/strip/true/crop/687x178+0+0/resize/120x31!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2F82%2F4d%2F8b0266094b1d8cb6ed5204cacb6e%2Flogo-lexipolmediagroup-white.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f73f3d5011e0774e13f0ff81e08e9b30d3dd5a2316a08c4298a642d62908159

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 31 Oct 2023 17:37:30 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
13220888
etag
f4d32c56ca7159329aff9bc564784b5e
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
379
content-length
1368
x-amz-cf-id
wXdWTIFxI9-RgNbiKmeMvbJNAIBY0UwuTLsa9tnrffVqDZI9KL7J8w==
expires
Wed, 30 Oct 2024 17:37:30 GMT
/
lexipol.brightspotcdn.com/dims4/default/953a808/2147483647/strip/true/crop/1464x304+0+0/resize/250x52!/format/webp/quality/90/
3 KB
4 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/953a808/2147483647/strip/true/crop/1464x304+0+0/resize/250x52!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2Fb2%2F7f%2F14b2562049338e02311fabeaecfe%2Ffirerescue1-full-color.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
cf2f3b23250bc25652a7d57975f238537dbdac83bd8b6a8e86cea2baf515dc10

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 06 Feb 2024 17:30:58 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
4754080
etag
f45b1a7394a7674516ab733318793b3d
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
294
content-length
3304
x-amz-cf-id
QGEpSMqqZDvZjTqyKDpbp8IsgKHQ6pNMGP82cl8ho9GAh4kgsf1n3A==
expires
Wed, 05 Feb 2025 17:30:58 GMT
/
lexipol.brightspotcdn.com/dims4/default/7d2b826/2147483647/strip/true/crop/1464x304+0+0/resize/250x52!/format/webp/quality/90/
2 KB
3 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/7d2b826/2147483647/strip/true/crop/1464x304+0+0/resize/250x52!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2F8a%2Fed%2Fa24198594fb7891949b3dbb97c05%2Ffirerescue1-white.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
029f55b8e28c2a5dc084dd33ebcc080775cd8f374742dfd02b7bf1d5d4d9fbd4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 08 Mar 2024 16:06:49 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
2080729
etag
379a4db7fe9c85ddf22d0ca1599ef886
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
276
content-length
2192
x-amz-cf-id
Crv7ZEvhU1GWeifIBNacilHXwNd2JvmOLQ1aigre0kct4GpW5KnKPQ==
expires
Sat, 08 Mar 2025 16:06:49 GMT
gtm.js
www.googletagmanager.com/
303 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55a72dc9496d20ffe1182e67422e670f93e4eb4f0166a9941522d77f1ee3158b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104557
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 18:05:38 GMT
load
experience.tinypass.com/xbuilder/experience/
4 KB
2 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=qVECSUi3pu
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e684599ba21579d7925e393bd817a56ef01733a3bb55c3cfc42ce3b9873037
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
date
Mon, 01 Apr 2024 18:05:38 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Apr 2024 17:52:44 GMT
server
cloudflare
age
774
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
86da822a5d589f16-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
ftvkk8qtk3
expires
Mon, 01 Apr 2024 18:35:38 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700|Roboto%20Slab:300,400,700&display=swap
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b960000d938e1c1e0888c7c3d4ece0da944f8a7530a2021d9ec0fb953bfcb9d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Apr 2024 18:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 18:05:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Apr 2024 18:05:38 GMT
cx.js
scdn.cxense.com/
112 KB
37 KB
Script
General
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:300:18d::268b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf3570ea05c64020a7a5fb83b99157ac40dbe0fa85e205590c53baef1387cfa3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 18:05:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Mar 2024 06:23:38 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37456
Expires
Mon, 01 Apr 2024 19:05:38 GMT
/
lexipol.brightspotcdn.com/dims4/default/d155ca0/2147483647/strip/true/crop/1402x788+0+0/resize/500x281!/format/webp/quality/90/
55 KB
56 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/d155ca0/2147483647/strip/true/crop/1402x788+0+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2Fe2%2F7a%2F4c04929a4f6dac1e14c1275df73c%2Fpaulding-county-fire-rescue-fire.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4f4bfee5c2a9c4884f3e801b6e00a518330f9f818727c3182e01be499d0db258

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 16:39:58 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
5140
etag
90032cf39d1e03c122e2be2a66b44a73
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
343
content-length
56784
x-amz-cf-id
EFOBQYVHYPcI1inZus1lMf6HgOo9jC0egq8WoqIbNWKnOesYmBe6Ug==
expires
Tue, 01 Apr 2025 16:39:58 GMT
/
lexipol.brightspotcdn.com/dims4/default/7c0c99c/2147483647/strip/true/crop/5000x2810+0+262/resize/500x281!/format/webp/quality/90/
50 KB
50 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/7c0c99c/2147483647/strip/true/crop/5000x2810+0+262/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2Faf%2Fde%2Fdef685764cfc9278da59c3147e92%2Fpakcers-fans.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
46138bf14a919054a2b104003997700f5af857feb751b76044fb6b23071ce00c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 15:26:32 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
9546
etag
073a1b5b85f72c52384cacf22afe01bf
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
503
content-length
51164
x-amz-cf-id
gfVpLyvA903AfZ4SROgDYmWTLHAnKzZjTIr9v2vbrY7LWPA8SJBR-A==
expires
Tue, 01 Apr 2025 15:26:32 GMT
/
lexipol.brightspotcdn.com/dims4/default/428dff4/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/
20 KB
21 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/428dff4/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fi.ytimg.com%2Fvi%2F_ytAunU5dxk%2Fhqdefault.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
60f8215bc32cae898080b08298f874a59db54ce6873a2f49589c25386b52577b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 14:33:03 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
12755
etag
66d620898c7796ff9f29ecb126c3aa31
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
318
content-length
20830
x-amz-cf-id
jnxzWdjvq9m0sYJjD5fRT_9PzxO6_C6tG8mWlgz4Lm6yT-tX1xMkdg==
expires
Tue, 01 Apr 2025 14:33:03 GMT
/
lexipol.brightspotcdn.com/dims4/default/8038e9c/2147483647/strip/true/crop/1801x1012+45+0/resize/500x281!/format/webp/quality/90/
7 KB
8 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/8038e9c/2147483647/strip/true/crop/1801x1012+45+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2Ffa%2Faa%2F1b9a4a4f42f2b06e479bfa04bd5b%2Fva-department-of-forestry.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
371a2cbdd9a8d5751e5a013d2656debea00cce2804f5a4d44176e1d5a58fdb10

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 14:19:00 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
13598
etag
1db3667c4051dd4ffc495fd92fa411ab
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
344
content-length
7346
x-amz-cf-id
4L9J66Ncfpfn9pMNmduMQfVonU7Tubk5qwQDF4mygYqBiQTEXMeyDw==
expires
Tue, 01 Apr 2025 14:19:00 GMT
/
lexipol.brightspotcdn.com/dims4/default/b27452d/2147483647/strip/true/crop/2228x1252+14+0/resize/500x281!/format/webp/quality/90/
34 KB
35 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/b27452d/2147483647/strip/true/crop/2228x1252+14+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2F30%2F0f%2F3f7340bc41d0bfb264d375da9cb4%2Ffdny.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
82a5cebc7129186f21f0a571c981b98564b3fb6d3b07392a648bef88c7feaaba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 13:25:30 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
16808
etag
6ac13aefe678588e267937b9415329eb
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
298
content-length
34862
x-amz-cf-id
xoGRMhO5ahuj34PGWm7h8zp_QY1rJMLz0SmI7honl4gaetu-DnVDPQ==
expires
Tue, 01 Apr 2025 13:25:30 GMT
/
lexipol.brightspotcdn.com/dims4/default/44fa026/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/
9 KB
9 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/44fa026/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fi.ytimg.com%2Fvi%2FjJXQG2xA1pg%2Fhqdefault.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8d1a035b626ec1380b13804148b1706864b3a1f43c70cf06ade541773e5a84eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 26 Feb 2024 18:34:43 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
3022255
etag
45b37e10b6d63b514e3daac922a4aec6
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
118
content-length
9266
x-amz-cf-id
ty2aPvRi3aW75GSNh73YGDl9rx-AsX6FRStwDDFh7XPcL1WB0HI3fA==
expires
Tue, 25 Feb 2025 18:34:43 GMT
/
lexipol.brightspotcdn.com/dims4/default/b15afb7/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/
21 KB
21 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/b15afb7/2147483647/strip/true/crop/480x270+0+45/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fi.ytimg.com%2Fvi%2F2VfupzCfgDU%2Fhqdefault.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
16cd639ec88dc5d37abac5a4909be31cfe3a8b5e014c6b62770dda81364b1dcb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 17 Feb 2024 09:34:23 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
3832275
etag
a8bb8da1b55c0622dbe7236200f557c2
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
111
content-length
21130
x-amz-cf-id
xKU--aDNjlU-6KsCYcYh_Sdl_dmazvWop0u6j1Gt4P89YekOqk98UA==
expires
Sun, 16 Feb 2025 09:34:23 GMT
/
lexipol.brightspotcdn.com/dims4/default/3e1c911/2147483647/strip/true/crop/2238x1258+9+0/resize/500x281!/format/webp/quality/90/
17 KB
17 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/3e1c911/2147483647/strip/true/crop/2238x1258+9+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2F02%2F1f%2Fb5fd597545939be0ff8fe8f20802%2Fringvideo.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
fe45b1b29116c7772d5384f46f28ee63ab5a5e7e6eba776174abd2514454cab0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 26 Feb 2024 18:34:43 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
3022255
etag
8b05134715af9a8fcf3cda87f3e85231
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
388
content-length
16944
x-amz-cf-id
KZsMU8-k2rmhkGX_PA6LLq_ZBhji1e2FL9DbecvReh7WyUw1k1WHow==
expires
Tue, 25 Feb 2025 18:34:43 GMT
/
lexipol.brightspotcdn.com/dims4/default/a1e1b5d/2147483647/strip/true/crop/3264x1834+0+0/resize/500x281!/format/webp/quality/90/
26 KB
26 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/a1e1b5d/2147483647/strip/true/crop/3264x1834+0+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2F27%2F63%2Fed0d96fc494283b5034c3ccfebaa%2Floddofficersff.jpg
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
32a12bf90e6b66b2c46efeb06939647f60915bec41b7b572a978536c7578a5c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 18 Feb 2024 23:50:43 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
3694495
etag
a543d5708e025a8b8385105351527650
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
330
content-length
26302
x-amz-cf-id
jDTndyZMbSJmYcH0IinFMxXM5TyW2SkgwbkhkLnObUpFv4JDjpzfaQ==
expires
Mon, 17 Feb 2025 23:50:43 GMT
/
lexipol.brightspotcdn.com/dims4/default/b746ac5/2147483647/strip/true/crop/1587x892+74+0/resize/500x281!/format/webp/quality/90/
12 KB
12 KB
Image
General
Full URL
https://lexipol.brightspotcdn.com/dims4/default/b746ac5/2147483647/strip/true/crop/1587x892+74+0/resize/500x281!/format/webp/quality/90/?url=https%3A%2F%2Fk1-prod-lexipol.s3.us-east-2.amazonaws.com%2Fbrightspot%2Fe9%2Ff9%2F67bf353b4821be9e4b4d6ce02f42%2Fstanleyfiredepartment.png
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-32.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e26accbb6eb8c6bf57a99d22e58f26f5433e216c022021c9ea5eebec13b7dd2c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 26 Feb 2024 18:34:43 GMT
x-envoy-decorator-operation
brightspot-dims-verify.lexipol.svc.cluster.local:80/*
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P2
age
3022255
etag
105cb7360b55b53d389b903b87fede03
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
353
content-length
11834
x-amz-cf-id
AeYQCIiyLVVkbJjGbqZpzZbofR5G6MDxAWH-uctkgU8P-0HzxdJnPA==
expires
Tue, 25 Feb 2025 18:34:43 GMT
tinypass.min.js
cdn.tinypass.com/api/
392 KB
116 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=qVECSUi3pu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930797df1c7904489382c8138ed78fad0af4ce60355cb808263db536c859ffd0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:38 GMT
x-amz-version-id
b89kI.X8Z4yvgGE2_Chf.cxn1O3aH_V8
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
3QSNHZ7WE1J8DHY6
age
11069
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zk22udsKRQwGSZtoAHBOl0f8EKVzXY5ZxBz3vncF4ySo3hYUnAxJHbOSKcaQJ4l/PKa0EU+4Ihs=
last-modified
Thu, 28 Mar 2024 14:38:28 GMT
server
cloudflare
etag
W/"ff388622604b6bdde56c0aca00c5b04e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
86da822ade239f16-FRA
expires
Mon, 01 Apr 2024 22:05:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Roboto%20Slab:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 04:10:19 GMT
x-content-type-options
nosniff
age
568519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 04:10:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Roboto%20Slab:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 07:26:17 GMT
x-content-type-options
nosniff
age
211161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 07:26:17 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Roboto%20Slab:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:47:38 GMT
x-content-type-options
nosniff
age
206280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 08:47:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403280101/
441 KB
139 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403280101/pubads_impl.js?cb=31082378
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91be3cd4ec7f91736e8505dbc364a0fea064b613c860d4eb3ddb59d6f3600fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 10:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
29098
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141401
x-xss-protection
0
server
cafe
etag
1344006658391027498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 01 Apr 2025 10:00:40 GMT
cx.js
cdn.cxense.com/
112 KB
37 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:300:18d::268b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf3570ea05c64020a7a5fb83b99157ac40dbe0fa85e205590c53baef1387cfa3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 18:05:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Mar 2024 06:23:38 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37456
Expires
Mon, 01 Apr 2024 19:05:38 GMT
js
www.googletagmanager.com/gtag/
284 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V3J7JMGLX7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc452890cfa33ac441ea2feb29153bb9bee347efb734c4c02f2c798a0b4745ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98662
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 18:05:39 GMT
lio.css
media.cdn.lexipol.com/custom-images/
13 KB
3 KB
Stylesheet
General
Full URL
https://media.cdn.lexipol.com/custom-images/lio.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1800:11:34c0:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e50bb63c2c58b886943621a680f0c630a74660daf271b76c9d84a7b020f17e00

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 04:59:29 GMT
content-encoding
gzip
via
1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jun 2020 17:51:40 GMT
x-amz-cf-pop
FRA56-P8
age
47170
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
Chl3lE0vBcH8kEEmarBGQMeRtveP-i6bGFmqE4wgbSuLpauNenes0w==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 17:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1617
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Apr 2024 19:38:42 GMT
up_loader.1.1.0.js
js.adsrvr.org/
9 KB
4 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 04:57:49 GMT
Content-Encoding
gzip
Via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Mar 2024 19:43:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
47271
x-amz-server-side-encryption
AES256
ETag
W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
AFOQibE8YfyT1poQlmyOSkmKGSZWe_RvK9En0yP1Yw9N_g1tHUUC-w==
segment
api.cxense.com/profile/user/
62 B
570 B
Script
General
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=20276f8f04e565c64bc376ab020f77af222d92e5&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22luh9gqmzi05ptciq%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0001.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
55877742
fundingchoicesmessages.google.com/i/
183 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/55877742?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403280101/pubads_impl.js?cb=31082378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b4db402691af36e9c3ba940906028901ea93deef5a9d3cda0572fa0eef4f768
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xaRthmuOcEguorxCjEIReQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-xaRthmuOcEguorxCjEIReQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcHx-t3oDm8CHp_M3MQIAk5E2dg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V3J7JMGLX7&gtm=45je43r0v895139598z86581528za200&_p=1711994738212&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=482369216.1711994739&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711994739&sct=1&seg=0&dl=https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&dt=Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2068
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V3J7JMGLX7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firerescue1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
execute
c2.piano.io/xbuilder/experience/
8 KB
3 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=qVECSUi3pu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38959d54a10f4402d3bb81ed57f68423e3e7f18513d0583053cf55ee8a98f7b2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://www.firerescue1.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:39 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
dr2o54uo8f
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.firerescue1.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
86da82326a60a05b-FRA
collect
www.google-analytics.com/j/
3 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=328637598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&dp=%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&ul=en-us&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDAgAABAAAAAC~&jid=168240239&gjid=856588151&cid=482369216.1711994739&tid=UA-3782594-14&_gid=1150620964.1711994740&_slc=1&gtm=45He43r0n71TXD2S2v6581528za200&cg3=0&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1695879807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firerescue1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3782594-14&cid=482369216.1711994739&jid=168240239&gjid=856588151&_gid=1150620964.1711994740&npa=1&_u=YCDAgAABAAAAAG~&z=770293289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 01 Apr 2024 18:05:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firerescue1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU_8Y1HF0JrTxsfHxeY8vQ_oBYI_NOBjKKbX3aNtR5Mph2VVfwGcUa2ZJHfZJk6A3uNvt1MOik_lWNCvCcqWiGICSAzYSnWgK-fpkdCYKENXGezxnnJfaUQdGe9_uQ_6heql5XsLA==
fundingchoicesmessages.google.com/f/
402 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_8Y1HF0JrTxsfHxeY8vQ_oBYI_NOBjKKbX3aNtR5Mph2VVfwGcUa2ZJHfZJk6A3uNvt1MOik_lWNCvCcqWiGICSAzYSnWgK-fpkdCYKENXGezxnnJfaUQdGe9_uQ_6heql5XsLA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExOTk0NzM5LDc5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmlyZXJlc2N1ZTEuY29tL2RvbmFsZC10cnVtcC9hcnRpY2xlcy8zOTMyNjUwMTgtUHJlc2lkZW50LVRydW1wLXRlbGxzLUZFTUEtdG8tY3V0LWZ1bmRzLWZvci1DYWxpZi13aWxkZmlyZXMvIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMxb0sLeXyEPh-EAuTKtXnAfwj0hbA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
311ea7b5949cb2f4f97d81b5807a417babf9bb3ad137d326f43ffe2f1ede6733
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hX_bnzG-2Jqjig7MMozBGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-hX_bnzG-2Jqjig7MMozBGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcHx-t3oDm8CGKXcvMgMAkB82QA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sp1.html
cdn.cxense.com/ Frame 830E
0
0
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:300:18d::268b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.firerescue1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Mon, 01 Apr 2024 18:05:40 GMT
Expires
Thu, 11 Apr 2024 18:05:40 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3782594-14&cid=482369216.1711994739&jid=168240239&npa=1&_u=YCDAgAABAAAAAG~&z=1718129136
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3782594-14&cid=482369216.1711994739&jid=168240239&npa=1&_u=YCDAgAABAAAAAG~&z=1718129136
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
106 KB
5 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxVOBGVfFzt0kqRirymV1dutwhQHg/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Apr 2024 18:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 18:05:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Apr 2024 18:05:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 23:56:39 GMT
x-content-type-options
nosniff
age
238141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Mar 2025 23:56:39 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 00:50:53 GMT
x-content-type-options
nosniff
age
580487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.firerescue1.com
URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 12:17:00 GMT
x-content-type-options
nosniff
age
193720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 12:17:00 GMT
AGSKWxXZcFNpjqFpAg-A6uyvjCMpKhgPy8khrkeo8eRFch5cSVDNLoOaCypcDDMpX1IwM9UUC-kkQW8Gb8Qh6J7afs3zFfZYTYbzUs-1GJndVAeC7adQ4ZlZFW8K5L50rXx_B-CgvFuwag==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXZcFNpjqFpAg-A6uyvjCMpKhgPy8khrkeo8eRFch5cSVDNLoOaCypcDDMpX1IwM9UUC-kkQW8Gb8Qh6J7afs3zFfZYTYbzUs-1GJndVAeC7adQ4ZlZFW8K5L50rXx_B-CgvFuwag==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMxb0sLeXyEPh-EAuTKtXnAfwj0hbA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z8AmDjjTSKsvTwWYHu0eXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Apr 2024 18:05:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-Z8AmDjjTSKsvTwWYHu0eXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1hDgFiIh-PLu9Ub2AQ6dp1fxggAywEMpA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.firerescue1.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.firerescue1.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 01:17:56 GMT
x-content-type-options
nosniff
age
578864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 01:17:56 GMT
id
id.cxense.com/public/user/
102 B
690 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22luh9gqmzi05ptciq%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221useeacoxqw8etz686wy8v03c%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221useeacoxqw8etz686wy8v03c%22%7D%5D%2C%22siteId%22%3A%224731406157468515758%22%2C%22location%22%3A%22https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F%22%7D&callback=cXJsonpCB2
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
2aa0f0e9deb220931cdbe232045bb08f6ab39d424a7fe4309358cec81921afcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/
281 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F6BFFJ5JKE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXD2S2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b7fefc82244c3d39e03386babb4e114dcbd31ae5d8d7252ff15d4ffe8259d1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98359
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 18:05:40 GMT
up
insight.adsrvr.org/track/ Frame DC15
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&upid=wuk3whe&upv=1.1.0&gdpr=1&gdpr_consent=undefined
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.firerescue1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Mon, 01 Apr 2024 18:05:40 GMT
server
Kestrel
favicon-16x16.png
www.firerescue1.com/
452 B
894 B
Other
General
Full URL
https://www.firerescue1.com/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f0af6a5b0e30369a84bf1375412d89d38d9abb85cdc4a8dce373defd839d4b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
brightspot-cms-verify.lexipol.svc.cluster.local:80/*
server
istio-envoy
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
207
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png;charset=UTF-8
x-envoy-upstream-service-time
70
content-length
475
x-amz-cf-id
DJE6frr8rSkbFeYAbbm8E3_Q5apsZ6AL3v0xp64t-Le9KC7XNI7mkg==
favicon-32x32.png
www.firerescue1.com/
900 B
1 KB
Other
General
Full URL
https://www.firerescue1.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b58579339451ae42886feb58d70047392dce7a5fc1b491907a1c3383e7d1bc75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
brightspot-cms-verify.lexipol.svc.cluster.local:80/*
server
istio-envoy
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
207
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png;charset=UTF-8
x-envoy-upstream-service-time
77
content-length
923
x-amz-cf-id
A54hImiH9hW67EpCXbzBmlHriXd7Mz6KYhLtDXyKivdYJBqoJ0qdGg==
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-F6BFFJ5JKE&gtm=45je43r0v886731057z86581528za200&_p=1711994738212&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=482369216.1711994739&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711994740&sct=1&seg=0&dl=https%3A%2F%2Fwww.firerescue1.com%2Fdonald-trump%2Farticles%2F393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires%2F&dt=Page%20Not%20Found&en=page_view&_fv=1&_ss=1&ep.Publish_Date=2023-11-14%2013%3A35&tfd=3383
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6BFFJ5JKE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firerescue1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F6BFFJ5JKE&cid=482369216.1711994739&gtm=45je43r0v886731057z86581528za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6BFFJ5JKE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firerescue1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6BFFJ5JKE&cid=482369216.1711994739&gtm=45je43r0v886731057z86581528za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=981849592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 18:05:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/
266 B
510 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=qVECSUi3pu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23c3cdb5ea2db735734c6aee5f7264116ad9896e2706a40372e7b2895d6fe4d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json
Referer
https://www.firerescue1.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:05:42 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
7975
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mzft9bsQszs
wn
prod-dash-10-0-116-110
last-modified
Mon, 01 Apr 2024 15:52:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.012
cache-control
public, max-age=14400
cf-ray
86da82472a4e1e32-FRA
expires
Mon, 01 Apr 2024 22:05:42 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onpagereveal object| dataLayer object| liosetup object| WebComponents object| head undefined| script object| googletag object| dfpAdSlotsObject object| dfpAdSlots object| staticAdSlots function| $ function| jQuery object| tp function| extractAndDisplaySponsors object| link object| relList object| webpackChunkbundle_default object| regeneratorRuntime object| cX function| unfocus object| ggeac object| google_tag_data object| google_js_reporting_queue function| cxCCE_callQueueExecute object| cxTest object| ari object| google_tag_manager function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp string| GoogleAnalyticsObject function| ga function| FBLike function| clickEventToAnalytics function| sendPlus function| LinkedInShare undefined| cXJsonpCB1 undefined| google_measure_js_timing function| onYouTubeIframeAPIReady object| gaGlobal function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel object| gaplugins object| gaData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YjI4OGY0ZDYxNmI5YTAxOWxvYWRlcl9qcw== string| YjI4OGY0ZDYxNmI5YTAxOWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| PianoESPConfig undefined| cXJsonpCB2

16 Cookies

Domain/Path Name / Value
.firerescue1.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AZgEYOABgBsfAKxcOwgBxjxXMdJABfIA
.firerescue1.com/ Name: _gcl_au
Value: 1.1.1344306731.1711994739
.firerescue1.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22luh9gqmzi05ptciq%22%7D
.firerescue1.com/ Name: cX_P
Value: luh9gqmzi05ptciq
.firerescue1.com/ Name: _ga_V3J7JMGLX7
Value: GS1.1.1711994739.1.0.1711994739.0.0.0
.firerescue1.com/ Name: _gid
Value: GA1.2.1150620964.1711994740
.firerescue1.com/ Name: _dc_gtm_UA-3782594-14
Value: 1
.piano.io/ Name: __cf_bm
Value: MHQNcKollsf2hdYNShvr_rtGrl8IL7BAkiQbmXNLH7g-1711994739-1.0.1.1-_OmTekJerdP2AnSF.UX3JRKgiGDcdMPEk33ibQoebbHUJfQxH4PJKwNM.bm4v0IlfScFZyjZFGmTIkSzegE4Kw
.firerescue1.com/ Name: __tbc
Value: %7Bkpex%7DZE-tmnprFQe73at9cyN-waZ95bD1ZLzND2vZIG5Erngopciuj_iI4rSVgfreCaMI
.firerescue1.com/ Name: __pat
Value: -14400000
.firerescue1.com/ Name: __pvi
Value: eyJpZCI6InYtbHVoOWdxc3BldHBuMTJ2YiIsImRvbWFpbiI6Ii5maXJlcmVzY3VlMS5jb20iLCJ0aW1lIjoxNzExOTk0NzM5ODUzfQ%3D%3D
.firerescue1.com/ Name: xbc
Value: %7Bkpex%7D_tD4Tcz2CVoGfwIES17_79KepCy5WtIs_LqBZ0AgxnEeORLGE46tk4h4cz9WsIlR0n-Q6e8Amvfx34XXyAbRdJIOceNJ_D1KmETh3j1G2GpzTWKTIctqq6e2wf5P-KqU
.cxense.com/ Name: gckp
Value: cx:1jrbldsq7icss3upk6bzlcprxb:dlwkf4z6evuj
.firerescue1.com/ Name: cX_G
Value: cx%3A1jrbldsq7icss3upk6bzlcprxb%3Adlwkf4z6evuj
.firerescue1.com/ Name: _ga_F6BFFJ5JKE
Value: GS1.1.1711994740.1.0.1711994740.60.0.0
.firerescue1.com/ Name: _ga
Value: GA1.1.482369216.1711994739

11 Console Messages

Source Level URL
Text
network error URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firerescue1.com/donald-trump/articles/393265018-President-Trump-tells-FEMA-to-cut-funds-for-Calif-wildfires/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cxense.com
buy.tinypass.com
c2.piano.io
cdn.cxense.com
cdn.tinypass.com
code.jquery.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
id.cxense.com
insight.adsrvr.org
js.adsrvr.org
lexipol.brightspotcdn.com
media.cdn.lexipol.com
region1.analytics.google.com
region1.google-analytics.com
scdn.cxense.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.firerescue1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.17.194.118
104.18.160.126
13.32.121.112
142.250.185.138
142.250.185.142
142.250.185.196
142.250.185.232
142.250.186.131
167.235.124.23
167.235.124.60
172.217.16.195
18.172.103.101
18.66.122.32
2001:4860:4802:32::36
2001:4860:4802:34::178
2600:9000:266e:1800:11:34c0:8180:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9c
2a02:26f0:300:18d::268b
2a04:4e42:200::649
3.33.220.150
029f55b8e28c2a5dc084dd33ebcc080775cd8f374742dfd02b7bf1d5d4d9fbd4
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
16cd639ec88dc5d37abac5a4909be31cfe3a8b5e014c6b62770dda81364b1dcb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2aa0f0e9deb220931cdbe232045bb08f6ab39d424a7fe4309358cec81921afcc
2f1e1dbd1e1ab391db0e9c7b121804eb8ab5c0d5529adf08b7cb581d9b6721fd
311ea7b5949cb2f4f97d81b5807a417babf9bb3ad137d326f43ffe2f1ede6733
32a12bf90e6b66b2c46efeb06939647f60915bec41b7b572a978536c7578a5c5
371a2cbdd9a8d5751e5a013d2656debea00cce2804f5a4d44176e1d5a58fdb10
38959d54a10f4402d3bb81ed57f68423e3e7f18513d0583053cf55ee8a98f7b2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46138bf14a919054a2b104003997700f5af857feb751b76044fb6b23071ce00c
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4f4bfee5c2a9c4884f3e801b6e00a518330f9f818727c3182e01be499d0db258
55a72dc9496d20ffe1182e67422e670f93e4eb4f0166a9941522d77f1ee3158b
55e684599ba21579d7925e393bd817a56ef01733a3bb55c3cfc42ce3b9873037
60f8215bc32cae898080b08298f874a59db54ce6873a2f49589c25386b52577b
7b4db402691af36e9c3ba940906028901ea93deef5a9d3cda0572fa0eef4f768
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82a5cebc7129186f21f0a571c981b98564b3fb6d3b07392a648bef88c7feaaba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d1a035b626ec1380b13804148b1706864b3a1f43c70cf06ade541773e5a84eb
8f73f3d5011e0774e13f0ff81e08e9b30d3dd5a2316a08c4298a642d62908159
91be3cd4ec7f91736e8505dbc364a0fea064b613c860d4eb3ddb59d6f3600fd4
930797df1c7904489382c8138ed78fad0af4ce60355cb808263db536c859ffd0
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b23c3cdb5ea2db735734c6aee5f7264116ad9896e2706a40372e7b2895d6fe4d
b58579339451ae42886feb58d70047392dce7a5fc1b491907a1c3383e7d1bc75
b7fefc82244c3d39e03386babb4e114dcbd31ae5d8d7252ff15d4ffe8259d1f1
b960000d938e1c1e0888c7c3d4ece0da944f8a7530a2021d9ec0fb953bfcb9d8
bd52f4c596c72db33b3a00fcfb963cfb7d262d229f441a14fdc518d45262e11b
bf3570ea05c64020a7a5fb83b99157ac40dbe0fa85e205590c53baef1387cfa3
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
cc452890cfa33ac441ea2feb29153bb9bee347efb734c4c02f2c798a0b4745ac
ccdc9b30227923eafe0ee1380168ec52ea9dbdd46e2e2c66f6a6da286005ba0e
cf2f3b23250bc25652a7d57975f238537dbdac83bd8b6a8e86cea2baf515dc10
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26accbb6eb8c6bf57a99d22e58f26f5433e216c022021c9ea5eebec13b7dd2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50bb63c2c58b886943621a680f0c630a74660daf271b76c9d84a7b020f17e00
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af6a5b0e30369a84bf1375412d89d38d9abb85cdc4a8dce373defd839d4b2d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7619fbf327f5ce22d1842f8babcf6c0030bd8348918adddae5e9e3d22ff2411
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe45b1b29116c7772d5384f46f28ee63ab5a5e7e6eba776174abd2514454cab0